Description

The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a Cross-site request forgery (CSRF) vulnerability.

Remediation

References

CVE-2017-16862

Related Vulnerabilities

WordPress Plugin Email Templates HTML Injection (1.3)

MySQL CVE-2013-5793 Vulnerability (CVE-2013-5793)

Lighttpd Use After Free Vulnerability (CVE-2013-4560)

TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3669)

WordPress 4.2.3 Multiple Vulnerabilities (0.7 - 4.2.3)

Severity

Medium

Classification

CVE-2017-16862 CWE-352

Tags

Missing Update Known Vulnerabilities